Loading, Please Wait...
SAN CARLOS, Calif., June 13, 2019 (GLOBE NEWSWIRE) -- Check Point Research, the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has published its latest Global Threat Index for May 2019. The Research team is warning organizations to check for and patch any systems vulnerable to the ‘BlueKeep’ Microsoft RDP flaw (CVE-2019-0708) in Windows 7 and Windows Server 2008 machines, to prevent the risk of it being exploited for ransomware and cryptomining attacks.
The BlueKeep flaw affects nearly 1 million machines accessible to the public internet, with many more within organizations’ networks. The vulnerability is critical because it requires no user interaction in order to be exploited. RDP is already an established, popular attack vector which has been used to install ransomware such as SamSam and Dharma. The Check Point Research team is currently seeing many scanning attempts for the flaw, originating from several different countries globally, which could be the initial reconnaissance phase of an attack. In addition to the relevant Microsoft patches, Check Point is providing both network and endpoint protections to this attack.
Maya Horowitz, Threat Intelligence and Research Director at Check Point, said: “The biggest threat we’ve seen over the past month is BlueKeep. Even though no attacks have yet been seen exploiting it, several public proof-of-concept exploits have been developed. We agree with Microsoft and other cybersecurity industry observers that BlueKeep could be used to launch cyberattacks on the scale of 2017’s massive WannaCry and NotPetya campaigns. One single computer with this flaw can be used to deliver a malicious payload that infects an entire network. Then all infected computers with Internet access can infect other vulnerable devices worldwide – enabling the attack to spread exponentially, at an unstoppable pace. So it’s critical that organizations protect themselves – and others – by patching the flaw now, before it’s too late.”
Other significant malware news in May was the developers of the GandCrab Ransomware-as-a-Service affiliate program announcing on the last day of the month that they were ceasing operation, and asking their affiliates to stop distributing the ransomware within 20 days. The operation has been active since January 2018, and in just two months had infected over 50,000 victims. Total earnings for its developers and affiliates are claimed to be in the billions of dollars. A regular in the Top 10 Most Wanted Index, GandCrab was frequently updated with new capabilities to evade detection tools.
May 2019’s Top 3 ‘Most Wanted’ Malware:
*The arrows relate to the change in rank compared to the previous month.
The three most prominent Cryptominers - Cryptoloot, XMRig, and JSEcoin continue to top the malware index, each with a global impact of 4%.
May’s Top 3 ‘Most Wanted’ Mobile Malware:
This month Lotoor is the most prevalent mobile malware, up from 2nd in April. Triada drops from 1st to 3rd , while Hiddad climbs back up from 3rd to 2nd.
May’s Top 3 ‘Most Exploited’ vulnerabilities:
In May we saw a comeback of traditional attack techniques (probably caused by the decrease in Cryptominers’ profitability), with SQL Injections techniques leading the top exploits vulnerabilities list with a global impact of 49%. Web Server Exposed Git Repository Information Disclosure and OpenSSL TLS DTLS Heartbeat Information Disclosure ranked second and third, impacting 44% and 41% of organizations worldwide respectively.
Check Point’s Global Threat Impact Index and its ThreatCloud Map is powered by Check Point’s ThreatCloud intelligence, the largest collaborative network to fight cybercrime which delivers threat data and attack trends from a global network of threat sensors. The ThreatCloud database holds over 250 million addresses analyzed for bot discovery, more than 11 million malware signatures and over 5.5 million infected websites, and identifies millions of malware types daily.
* The complete list of the top 10 malware families in May can be found on the Check Point Blog: https://blog.checkpoint.com/2019/06/13/may-2019-most-wanted-malware-bluekeep-microsoft-rdp-cryptocurrency-malware/.
Check Point’s Threat Prevention Resources are available at: http://www.checkpoint.com/threat-prevention-resources/index.html
About Check Point Research
Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs.
About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Check Point offers multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention, which defends enterprises’ cloud, network and mobile device held information. Check Point provides the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes.
|INVESTOR CONTACT:||MEDIA CONTACT:|
|Kip E. Meintzer||Emilie Beneitez Lefebvre|
|Check Point Software Technologies||Check Point Software Technologies|
|+1.650.628.2040||+44 7785 38302|